Segmentation Fault Vulnerability in SQLite 3.36.0 via idxGetTableInfo Function

Segmentation Fault Vulnerability in SQLite 3.36.0 via idxGetTableInfo Function

CVE-2021-36690 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.